nouveau/nir: image_samples/size don't have coordinates

Without this, it treats the src[1] as a coordinate (it's actually LOD) and may try to read more than one component. I don't think this usually hurts anything as the coordinate should get ignored later but it can result in OOB memory reads while translating NIR. Reviewed-by: Karol Herbst <kherbst@redhat.com> Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/22834>
2023-05-03 09:46:55 -05:00
parent f4be2e3437
commit d1e565a8eb
1 changed files with 2 additions and 0 deletions
--- a/src/nouveau/codegen/nv50_ir_from_nir.cpp
+++ b/src/nouveau/codegen/nv50_ir_from_nir.cpp
@@ -2301,6 +2301,7 @@ Converter::visit(nir_intrinsic_instr *insn)
         mask = 0x8;
         FALLTHROUGH;
      case nir_intrinsic_image_samples:
+         argCount = 0; /* No coordinates */
         ty = TYPE_U32;
         bindless = op == nir_intrinsic_bindless_image_samples;
         mask = 0x8;
@@ -2308,6 +2309,7 @@ Converter::visit(nir_intrinsic_instr *insn)
      case nir_intrinsic_bindless_image_size:
      case nir_intrinsic_image_size:
         assert(nir_src_as_uint(insn->src[1]) == 0);
+         argCount = 0; /* No coordinates */
         ty = TYPE_U32;
         bindless = op == nir_intrinsic_bindless_image_size;
         break;